Customers may experience printing and scanning issues on the device using smart card (PIV) authentication after installing July 2021 Windows 10 security updates on a domain controller (DC) stated by Microsoft.
“After installing updates released on 13th of July, 2021 on domain controllers (DCs) in the environment, scanners, printers and various multifunction devices that are not addressed with section 3.2.1 of RFC 4556 spec might fail to print when using smart card (PIV) authentication,” explained by Microsoft.
As per Microsoft, all the impacted smart card authenticating devices should work as expected when using the username and password authentication.
Impacted Windows versions are mentioned below:
- Client: Windows 10, version 21H1; Windows 10, version 20H2; Windows 10, version 2004; Windows 10, version 1909; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB; Windows 8.1; Windows 7 SP1
- Server: Windows Server, version 20H2; Windows Server, version 2004; Windows Server, version 1909; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
What is the Issue Caused by Security Flaw Hardenings?
This well-known issue is caused by hardening changes for CVE-2021-33764 and it harms the smart cards authenticating printers, scanners, and multifunction devices which don’t support DH or advertise support for des-ede3-cdc (“triple DES”) during the Kerberos AS request.
Users of Windows 10 who encounter the concern are suggested to the first check if they have the latest drivers and firmware installed on the non-compliant and misbehaving printing or scanning device.
If a similar issue still comes up even though the device is up-to-date, the affected customers should contact the device manufacturer and ask for setting changes or updates to make the printer or scanner complaint with CVE-2021-33764 hardenings set up through July Windows 10 security updates.
Microsoft is recently working on temporary mitigation that facilitates a future update to re-enable printing and scanning on abused devices. “This will permit time for device manufacturers to release complaint firmware and drivers for their devices,” Microsoft added.
“Moreover, it should permit time to update settings, firmware and drivers in your surroundings and make them compliant.”
Following are the Other Printing Problems Addressed this Year
Windows 10 printing issues are addressed which was caused by changes made in the June 2021 aggregate update preview earlier this month.
Users also come across the various printing issues in March right after installing the March 2021 Patch Tuesday updates, stating that Windows 10 would crash when printing or print jobs would be missing graphics aspects, blank pages, or various concerns.
To resolve these issues, Microsoft released two out-of-band emergency updates for Windows one week later: KB5001567 on the 15th of March to fix blue screen crashes while printing and KB5001649 on the 18th of March to fix the printing issues.
In previous days, the organization released yet another emergency update to resolve additional printing concerns besides the blue screen crashes, which also consist up of various blank pages, document elements missing or printed as block boxed, and alignment or various formatting issues.